Sunday, June 10, 2007

Information Technology and the madness of crowds

‘…Every age has its peculiar folly: some scheme, project, or fantasy into which it plunges, spurred on by love of gain, the necessity of excitement, or the mere love of imitation…’

In 1841, a Scots writer Charles Mackay, LL.D, published a book, which would become a huge influence in the lives and minds of those, like me, who marvel at the many manifestations of human folly.

Entitled ‘Extraordinary Popular Delusions and the Madness of Crowds’, Mackay described in splendid detail, a whole series of events which had, in their own individual ways, caught the attention of a group of people, who had, as a result, allowed all reason and logic to desert them, and had become caught up in a spiral of what could only, in hindsight, be diagnosed as a form of temporary madness or mania.

Among other topics covered by this man’s research were the so-called ‘Mississippi Scheme’, a plan hatched by an 18th century mathematical adventurer called John Law, by which he proposed to manage France’s internal debt; or the more infamous ‘South Sea Bubble’, an 18th century stock ramping pump and dump scheme of such brazen insolence, that any contemporary con-man trying to pull it off today would blush for shame.

The beauty of Mackay’s book, and it is still in print, even today, is that it proves that nothing has changed, and as the book of Ecclesiastes advises us ‘…there is nothing new under the sun…’

How right, and we are still being caught up by the promoters of various schemes which are designed to encourage us to spend significant amounts of money in the belief that without this significant outlay, we could easily render ourselves at risk of regulatory intervention, with all the downside that such an action brings with it in its wake!

How many readers remember the last few years prior to the Millennium moment, those scant ticks when the second hand on our clocks turned 1999 into the year 2000?

Did the earth stop turning; did airliners fall from the sky, or trains run on uncontrollably? Did the ATM machines dry up so that we were left with no cash to spend on January 1st?

Remember the years of Y2K, and the prognostications of the firms of consultants and the IT companies, who managed to persuade an otherwise generally sane and sensible business constituency, to spend obscene sums of money on ensuring their IT systems would survive the seminal moment when the clocks changed!

Consulting firms made fortunes so large that their start-up partners were able to retire. IT companies, wallowing in a cash-flow of such tsunami-like proportions, began to re-write their profit projections for years to come.

I know because I worked for one such company at that time, and I recall the glee in the voice of the international chairman as he glibly informed the entire assembled staff of this global company, all linked by satellite communications, that on the basis of the profits that the company had made in 1999, (based almost entirely on the income from Y2K consulting), that he could confidently predict that we would become the world’s leading IT software provider within 12 months. The new slogan (or battle cry as he called it) was to be ‘Number one in 001’ and we were to proudly use this phrase at every opportunity.

I watched, appalled, as so-called sane men and women, danced on table tops waving spilling champagne glasses, screaming this fatuous nonsense at the tops of their voices. This way madness lies!

If only Y2K was the only example. Who now also recalls the heady days of ‘…CRM…’, or ‘…Bank in a box…’! Anti-money laundering enjoyed a small frisson for a while, but that has quickly become smothered by a greater emphasis on ‘…Financial Crime…’ ‘…Basle II…’ became a catchword trotted out by the armies of slick young men and women in slightly shiny suits, all clutching their laptop bags. ‘…Enterprise Risk Management…’ had its day and became popular for a while. What all these issues had in common was that the big consulting companies and the IT firms which school round them like pilot fish around a Great White shark, smelt blood in the water. More importantly it was your blood, and that of your employers, and like their cartilaginous cousins, they honed in on the source with unerring accuracy!

Now, the new source of consultant bait or ‘chum’ is being tipped into the water, and the sharks are gathering for another predator’s ball.

In Europe, MIFID is the latest acronym, the newest mouthful of initials on the block, and the consultants are moving out in their droves to drive up the fear factor and sell more and more of their expensive time to the unsuspecting and the gullible.

MiFID – the Markets in Financial Instruments Directive – comes into effect on 1 November 2007, when it will replace the existing Investment Services Directive (ISD). MiFID introduces new and more extensive requirements that firms will have to adapt to, in particular for their conduct of business and internal organisation. It applies to allinvestment banks who do securities business in Europe, and that includes many of the major foreign players who do business in London.

MiFID makes significant changes to the regulatory framework to reflect developments in financial services and markets. It widens the range of ‘core’ investment services and activities that firms can passport. It upgrades advice that involves a personal recommendation to a core investment service that can be passported on a stand-alone basis. It introduces operating a multilateral trading facility (MTF) as a new core investment service covered by the passport; and extends the scope of the passport to cover commodity derivatives, credit derivatives and financial contracts for differences for the first time.

As the timing of the MIFID issue gathers pace, the time remaining to implement the necessary and relevant changes is shortening, but this was ever so. Even after the money laundering regulations were introduced, very few banks really met the requisite compliance dates with any accuracy.

However, MIFID possesses all the necessary characteristics for a new, consultantancy-led attack plan. It contains a mouthful of frankly ugly initials which few people really understand. It comes from Brussels so it is almost entirely incomprehensible; and it has a direct impact upon the financial services market (the lowest of all the hanging fruit in the market), and it is rapidly becoming the new ‘delusion’, the latest mania, and the consultants and IT companies are gearing up to enhance the fear factor so as to sell you new products.

The important thing is to recognise the facts and the realities and keep them firmly identified in your minds, so that the snake-oil salesmen cannot fob you off with more expensive and unnecessary additions to your already over-burdened IT systems.

MIFID is an important issue, but it has to be seen in the context in which it appears. Too many IT companies are trying to make the suggestion that the MIFID function sits most realistically within the Risk Management profile (which to a small extent is true), and that as a result, its IT model and profile can be seen in the same context as that of the AML and financial crime management environment, (which to a huge extent is not true at all). This fact will not stop the IT firms from trying to ‘shoe-horn’ you into their particular product portfolios, after all why let the facts get in the way of a slick sell? How about this example from a major software provider;

The weasel word here is ‘impacted’, but it permits them to get in a mention of the initials MIFID, thus allowing them to create a tenuous link, thereby enabling them to gain a free entry into mentioning a wider area of their product portfolio, much of which is of a legacy standard, and has no direct relationship with a MIFID requirement.

There will be significant changes to be made to your IT function, and a lot of success is going to depend upon the working relationship that firms can generate with their IT providers. The information flows which enable all the market participants to trade, whether on the buy or sell side will have to be properly configured. Transaction reporting will change a great deal for all European participants and this feature will require a lot of development for the operations function. IT providers need to be involved at the earliest stage if a lot of infrastructural change is required, and cooperation between practitioners will pay dividends by helping to reduce costs.

The point is that MIFID is not introducing a significantly new piece of legal change, unlike the rules regarding anti-money laundering. MIFID is an amending structure, changing existing and traditional methods of trading, and laying down the foundations of a completely new way of dealing in traded instruments. The immediate changes could well be the first phase of a series of on-going developments which may well take a few years to come to fruition, and which may well see even further additional changes being introduced. No-one should assume that the present phase will be the be-all and the end-all.

MIFID does have implications for a number of internal departments, not just IT. One problem is that at the moment, the kind of changes which will be introduced may not be wholly transparent, and it will be difficult for too rigid a degree of adherence to any defined compliance regime to be anticipated in the early stages. A lot of time and effort will need to be spent observing how the changes will develop and what impact they will have on the market as a whole. This will have immediate impacts on the Business sector. Compliance will also need to be monitoring these changes to ensure they are engaging with the new trading environment ‘best practice’ regime.

The point of these commentaries is to identify most clearly the range of differences which the MIFID requirements will impose, in contrast to the wholly new regime of legal, philosophical and technological change introduced by the AML legislation.

Frankly, Financial Crime, including AML and MIFID are entirely different creatures, and should not be seen in the same IT context. Seeking to use existing AML systems and methodologies to create a complementary MIFID ‘best practice’ environment is a pointless exercise, and will only lead to confusion, and increased problems on both sides of the requirement.

Trading in securities and derivative instruments is a recognised money laundering methodology. It can also engage with elements of market abuse, insider trading and other forms of trading malpractice. The proceeds from such activity can be laundered. Monitoring the transactions of an individual client’s account in order to determine whether his business conduct is suspicious, is a primary requirement for the purposes of an AML ‘best practice’ regime, and many software solutions are available to help meet those demands. What is monitored, is the financial outcome of the trading, or indeed, any other form of commercial enterprise, it is not the trading itself which is examined, as in an AML transaction monitoring environment, because that would tell an investigator very little at all.

The requirements imposed by MIFID are wholly different and deal with the needs of the successful creation of a unified European market in traded financial instruments.

Any IT or Management Consultant who tries to obfuscate the distinction between the two issues by trying to propose a unified solution should be treated with great caution. Too many of these people have merely taken their existing Basle II or their CRM teams, and re-named them as their MIFID teams. In consulting, it was ever thus.

The big problem is that today, too many banks and financial institutions are unwilling to make informed decisions about their businesses without the input from these teams of so-called experts. The reasons almost always lie with the non-executive directors who are simply unwilling to face the possibility of a new concept which could conceivably cost them money and reputation if it is wrongly applied or improperly executed, and who are not willing to back their own judgement. How often have I heard the phrase, ‘…let us employ X,Y & Z Consulting so that if they get it wrong, at least we can sue them…’

Whatever else financial institutions do, they must not take their eye off the requirements to maintain a ‘best practice’ provision in their Financial Crime and AML compliance profile. They must also implement and manage their MIFID responsibilities. Mixing up these messages, thus getting them both wrong would be a recipe for disaster. Don’t let it happen to you!

About Me

Having spent my career dealing with financial crime, both as a Met detective and as a legal consultant, I now spend my time working with financial institutions advising them on the best way to provide compliance with the plethora of conflicting regulations and laws designed to prevent and forestall money laundering - whatever that might be! This blog aims to provide a venue for discussion on these and aligned issues, because most of these subjects are so surrounded by disinformation and downright intellectual dishonesty, an alternative mouthpiece is predicated. Please share your views with what is published here from time to time!